Trick5 – How to Run Sudo Commands Using Touch ID on macOS – Trick5

Typing passwords is for suckers, which is why the best part of the latest MacBook Pro is Touch ID. Skipping the lock screen with a quick tap is easily my favorite feature. But there’s one place that still requires a password: the Terminal, if you want to use sudo.

Happily, a tweet by Cabel Sasser showed us how to use Touch ID there as well, and it only takes a minute to set up.

Basically, we need to edit the configuration file for sudo, /etc/pam.d/sudo, adding a single line to the beginning, auth sufficient pam_tid.so. If you know how to do that with your text editor of choice, get to it, but for everyone else, here’s a quick step-by-step tutorial using nano.

Head to the Terminal and run the following command:

sudo nano /etc/pam.d/sudo

You’ll have to enter your password but don’t worry: this will be the last time. The text editor will open. Create a new line near the top of the editor and paste in the following:

auth sufficient pam_tid.so

When everything looks like the screenshot, press Control+X to exit, then press Y followed by Enter to save your changes. You’re done!

From now on using sudo will trigger the Touch ID window…

…and the Touch ID prompt on the Touch Bar.

It’s a little gimmicky, sure, but if you’re got a long password this could save you time.

Just remember: sudo is powerful, so only set this up if you trust Touch ID to keep it locked down. Note also that setting this up makes it impossible for you to use sudo over SSH, so maybe don’t set this up on a Mac that you connect to remotely.